-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 11 Apr 2025 22:49:23 +0200
Source: graphicsmagick
Architecture: source
Version: 1.4+really1.3.40-4+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 1099955
Changes:
 graphicsmagick (1.4+really1.3.40-4+deb12u1) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
 .
   [ Carlos Henrique Lima Melara ]
   * d/p/CVE-2025-27795.patch: fix CVE-2025-27795 by adding image dimension
     resource limits. (Closes: #1099955)
 .
   [ Salvatore Bonaccorso ]
   * ReadJXLImage(): pixel_format.num_channels needs to be 2 for grayscale
     matte (CVE-2025-32460)
Checksums-Sha1: 
 709320c81fc6f8a85d93fa8e9066c226fb5937c2 3395 graphicsmagick_1.4+really1.3.40-4+deb12u1.dsc
 ac7f65860500a538906a5762c3011e8d42409fb3 5507792 graphicsmagick_1.4+really1.3.40.orig.tar.xz
 7059a5523bf2209325d6e1d29668c46beeb79535 228 graphicsmagick_1.4+really1.3.40.orig.tar.xz.asc
 4802b4f7d2587ccf190c4c189e19643e0beb97c1 160596 graphicsmagick_1.4+really1.3.40-4+deb12u1.debian.tar.xz
Checksums-Sha256: 
 1b19a2190f1980b94fc0c3c9896a8afc849d1fbbedaad698808f112aeb0a7839 3395 graphicsmagick_1.4+really1.3.40-4+deb12u1.dsc
 97dc1a9d4e89c77b25a3b24505e7ff1653b88f9bfe31f189ce10804b8efa7746 5507792 graphicsmagick_1.4+really1.3.40.orig.tar.xz
 e397c2159d7be8d83174b9757d52475a35ade41d857350e390d16a710c57e29a 228 graphicsmagick_1.4+really1.3.40.orig.tar.xz.asc
 d0f877ad86874f1fea15b59fd140a3a6fadd46aee548c13c5f19e9da035818a4 160596 graphicsmagick_1.4+really1.3.40-4+deb12u1.debian.tar.xz
Files: 
 6360be123f061608074082670afe8acb 3395 graphics optional graphicsmagick_1.4+really1.3.40-4+deb12u1.dsc
 eb8395be198a661352dafb98eff5e35c 5507792 graphics optional graphicsmagick_1.4+really1.3.40.orig.tar.xz
 4daa7f467ec0228bf41cf1048b2dae4c 228 graphics optional graphicsmagick_1.4+really1.3.40.orig.tar.xz.asc
 cacc629b79bfb7d8781b98a243599347 160596 graphics optional graphicsmagick_1.4+really1.3.40-4+deb12u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmf5g/FfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EdI4P/18TR8npR2CPnasov0HxyB49vQHL1QRH
OidMrTGNEj4JVakkz+ilIKJ4zM4aXjq1kb/KtMFhZVtiye2XtJOmS3uYM+NM0qR/
RUBGdKr+Kn1AAsXwGp+fq6jf/3qe/F8GMe+MZ5KfQ0N/p5pl/JKX7TDwxtrYLak5
LAbYD487Tg2c9Ug+VZQwHfACeRv16O5REPm5dJin37i8NcBCkmnKBOVWu9txnPYj
8BT5exZ8KHF5oJ29KLF1Lms6IEFYdJiBw7oNP3lfrdv5eKSN5HeoKyOm6X4mnYlO
iqWPhDXhoBcrBjGUkGykzO63Xzr3hvnM9eAG6oOCwqbCUMorsePAH2TI9Of0ZE9N
rW+wyAPGqnZJa35rLzKm50KgHHMnJ7mjLHkhkGjAGn9N6hm9rFWq9gZdUDwUAxCz
X14GzRIUN1npubfTIBJhXrQndagtwQVfOmjwsADvJQjp0p2YXxgaCwIdTNUVUZqx
ABQMeyDZZss1J1HpMCIJ5i5fyYOhzPr0xlfoS6KT5gtyLWz6ME2aXrvUXMghDSOZ
ds+OVij+KQUDBH+ywF3MeooRYqM04HIfgDFUWjszZMt8hl5IcQjLvxJ2EURECc6L
sXKkO27wz7w+vhSxpqXJLstqMWfGA3HJTI8ev3R3c5DnXH/vNMWrVVXHJr9IqRIb
1MOO7zrQhV9d
=Cs6G
-----END PGP SIGNATURE-----